Most of us know that Yahoo was the victim of a cyberattack this year, and that the data of more than 500 million users was stolen. Not enough of us, though, give sufficient thought to the possibility of this sort of thing happening to our own small businesses right here in mid-Missouri.

Business owners and managers are focused on growing and maintaining their companies — on sales, personnel, service, inventory, and so many other things. But this means they can overlook less common, but potentially dire, threats. One of the most critical protective measures for any small business is implementing measures to protect you and your customers from hackers who want to steal the data in your system and the money from your accounts.

It’s an easy thing to put on the backburner. Many small business leaders think they’re less likely to be a target because of their smaller size and lower profile. Others may think it’ll be easier to deal with a data breach once it has happened than it would be to install protections in the first place.

For perspective, let’s look at some statistics from the Better Business Bureau’s Institute for Marketplace Ethics:

 

  • 71 percent of all data breaches target small businesses.
  • The average cost for a small business to fix a data breach
    is $7,100.
  • If money has been stolen, fixing a data breach costs an average of $32,000.
  • Since January 2015, the FBI has reported a 270 percent increase in cybercrimes.

We can see that the reality may be very different from what we’re thinking. Small businesses, in fact, are more frequent targets than big businesses, and there is often little that can be done once data or money is stolen. The threat of cyberattack is very real for small businesses, and the damage can be crippling. Be prepared.

Cybersecurity for your business is not only about adding layers of security technology — it starts with understanding and managing your cybersecurity risks. At the BBB, we have the “5-Step Approach to Better Business Cyber Security,” based on the National Institute of Standards and Technology Cyber Security Framework. It helps you see the specifics of your business’s cybersecurity needs, helping you identify and protect data and technology assets. It’s also a good guide for how to detect, respond to, and recover from a breach. This framework is a collaboration between BBB and the National Cyber Security Alliance. For many, it will be best to approach these steps with an IT expert, but most business owners and managers will be able to use this framework to begin making their businesses safer.

 

Identify:

Take inventory of key technologies you use and know what information you would need to rebuild your infrastructure from scratch. Inventory the key data you use and store, and keep track of likely threats.

Protect:

Assess what protective measures you need to have in place to be as prepared as possible for a cyberattack. Put protective policies in place for technologies, data, and users, and ensure that your contracts with cloud and other technology service providers include the same protections.

Detect:

Put measures in place to alert you of current or imminent threats to system integrity, or loss or compromise of data. Train your users to identify and speedily report incidents.

Respond:

Make and practice an incident response plan to contain an attack and maintain business operations in the short term.

Recover:

Know what to do to return to normal business operations after an incident. Protect sensitive data and your business reputation over the long term.

 

Protecting your business from cybercrime is good for you, and it’s good for your customers. Take the time, follow the steps, be ready.

 

Sean Spence is the regional director of Better Business Bureau Columbia. 

Recent News

Hawthorn Bank to Open Downtown Banking Center

Hawthorn Bank will open a downtown banking center, COO Kathleen Bruegenhemke announced Friday. The center will be located on the first two floors of...

Why We Should Be Graphically Designing Our City

In urban development circles, it’s common to talk about public art as a way to create a strong identity for an area. For hundreds...

Women Entrepreneurs: Build the Foundation, Take the Leap

This post is the first in a four-part series about creating a new entrepreneurship program, the Missouri Women’s Business Center, while simultaneously helping entrepreneurs...

Understanding Online Privacy in 2017

Allie Schomaker is the marketing manager at Socket.    Earlier this year, Congress passed legislation to prevent new online privacy regulations from going into...

Yes, It Can Be Hard to Attend Public Meetings. No, It Shouldn’t Be.

Missouri passed its Sunshine Law in 1973 with the goal of ensuring government transparency and accountability. The law promotes a liberal interpretation of transparency,...